Paper 2000/039
Encryption Modes with Almost Free Message Integrity
Charanjit S. Jutla
Abstract
We define a new mode of operation for block encryption which in addition to assuring confidentiality also assures message integrity. In contrast, previously for message integrity a separate pass was required to compute a cryptographic message authentication code (MAC). The new mode of operation, called Integrity Aware CBC (IACBC), requires a total of m + log m block encryptions on a plaintext of length m blocks. The well known CBC (cipher block chaining) mode requires m block encryptions. The second pass of computing the MAC essentially requires additional m block encryptions. We also show a lower bound of \Omega(log m) additional block encryptions for any reasonably modeled (linear) scheme which assures message integrity along with confidentiality.
Metadata
- Available format(s)
- PS
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- Block cipherCBCauthenticationMACmodes of operation
- Contact author(s)
- csjutla @ watson ibm com
- History
- 2018-04-08: last of 2 revisions
- 2000-08-01: received
- See all versions
- Short URL
- https://ia.cr/2000/039
- License
-
CC BY